Home > Network, Software > Use open-source software for your servers

Use open-source software for your servers

August 14th, 2009

We have been using open-source software for our servers at NDMC for the past months.  Being an educational institution on a tight budget, we cannot afford to buy licenses for commercial software so we choose to use open-source and free software, specifically GNU/Linux variants.

We were using Ubuntu 8.04 Long Term Support (LTS), which means it will be supported for the next five years (until 2013).

Then Bong, who has been experimenting with different variants of open-source server software suggested the following line-up:

  • pfSense – powerful Firewall, based on FreeBSD
  • Untangle – open source network gateway, web filter
  • eBox-Platform – domain controller, file server, print server, proxy server, mail server, and a lot more, based on Ubuntu 8.04
  • FreeNAS – file server, NAS server, based on FreeBSD

I added Proxmox Virtual Environment – an open-source virtualization platform to the list.  This allows us to create one or more Virtual Private Servers using just one computer.  This is our alternative to VMWare’s ESX.

The considerations for the above servers is also timely for our scheduled upgrade from 1.5Mbps to a 4Mbps Internet connection sometime next month.

Web Filter

There are 50 computers in our Internet laboratory, and there are about 50 computers from different offices connected to the Internet.  About 3 months ago,  we were having a lot of reports concerning viruses and malwares in the computers.  These has infected Internet Explorer and set the default home page to a pornography site.

We can clean the viruses but there must be a way to block these porn sites.  This is where we used Untangle as our web filter.  It’s very easy to install and has the following free components: Spam Blocker, Phish Blocker, Spyware Blocker, Web Filter, Virus Blocker, Intrusion Prevention, Protocol Control, Firewall, OpenVPN, Attack Blocker, and Reports.

Here is a screenshot of how Untangle’s web UI looks like (using Cammo skin):

screenshot-untangle-mozilla-firefox

Here is a screenshot of how Untangle blocks a certain web site:

screenshot-untangle-web-filter-warning-mozilla-firefox

File Server

We have no file server in our computer laboratories to serve as repository of files and exercises.  USB flash disks are used by the students as backup which carries a lot of viruses that often times corrupts these flash disks.  To solve this, we used eBox-Platform to be our file server.  The next problem is the encoding of users and permissions (about 800+ students, 90+ class schedules, 10 teachers, 8000+ access rights) which would take about a week.  What we did was:

  • export the enrolment program’s list of subjects scheduled in the laboratories with enrolled students and teachers into a CSV file;
  • create Bash scripts to encode these data into eBox’s users and groups;
  • join the Windows XP client computers into the domain.

With the above, it would take only about 3 hours to auto-encode the above users with permissions.  Actually, that’s about 5 minutes of issuing linux commands and 2:55 hours of letting the computer encode it for you. ;)

This file server is not yet implemented because we are in the middle of the semester now.  But it has already been demonstrated to the College of Information Technology and Engineering (CITE) teachers and they liked it.

So students and teachers can now have their domain account to be used in the laboratories.  This file server will help secure the student’s exercises and centralize checking by the teachers.  I have a detailed post at Creating a Laboratory File Server.

Here is how eBox’s Web Dashboard looks like:

screenshot-ebox-dashboard-mozilla-firefox

It looks empty because there are no logged-in users and computers.

Firewall

This will secure the network from the Internet.  We have 5 servers using public static IP addresses.  Whoever maintains these servers must secure it from the Internet and there was no centralized means of protecting our servers from the Internet.

We used pfSense – a very powerful firewall software with a lot of features.  This server is setup as a transparent firewall.  This gave us the confidence that our network is protected.

Now why would I want to setup pfSense as a transparent firewall you may ask?  Because we need the servers to still use the public static IP addresses:

Of course it’s such a waste of IP addresses, we could just do a port forwarding or NAT for the above, right?  Well, perhaps when we have enough time. ;)

Here is pfSense’s WebGUI:

screenshot-pfsensendmceduph-pfsense-webgui-mozilla-firefox

And here is pfSense’s Traffic Graph:

screenshot-pfsensendmceduph-status-traffic-graph-mozilla-firefox

I see this graph top at 1Mbps during office hours and I could just wonder “Geez, whoever made all those bandwidth requests?“.

There you go, the list of open-source software we use in our servers.  Hope you get to use them on your servers too.

Wait, what about Proxmox Virtual Environment?  I will create a separate post regarding virtualization and hypervisors. ;)

Thanks to Bong for doing a very good research.

Related Articles:

  1. January 26th, 2016 at 06:38 | #1

    If some one wishes to be updated with latest technologies then he must be pay a visit
    this web page and be up to date everyday.

  2. January 28th, 2016 at 14:55 | #2

    I got this website from my friend who told me regarding
    this website and now this time I am browsing this web site and reading very informative articles
    at this time.

  3. February 3rd, 2016 at 07:12 | #3

    This is really attention-grabbing, You are an excessively skilled blogger.
    I’ve joined your rss feed and sit up for seeking extra of your excellent post.
    Also, I’ve shared your web site in my social networks

  4. February 25th, 2016 at 19:02 | #4

    An intriguing discussion is worth comment. I do think that
    you ought to write more about this subject, it might not be
    a taboo matter but usually folks don’t talk about these subjects.
    To the next! Cheers!!

  5. March 15th, 2016 at 03:48 | #5

    Thankfulness to my father who informed me regarding this website, this web site is genuinely amazing.

  6. April 6th, 2016 at 04:42 | #6

    Greate article. Keep writing such kind of information on your blog.
    Im really impressed by it.
    Hi there, You’ve done a fantastic job. I will certainly digg it
    and in my view suggest to my friends. I am confident they’ll be
    benefited from this website.

  7. May 8th, 2016 at 03:03 | #7

    It’s a pity you don’t have a donate button! I’d most certainly donate to this excellent blog!
    I suppose for now i’ll settle for book-marking and adding your RSS feed to my Google account.
    I look forward to brand new updates and will share this site with my Facebook group.
    Talk soon!

  8. June 21st, 2016 at 10:41 | #8

    excellent points altogether, you simply received a new reader.
    What could you recommend in regards to your put up that you just
    made a few days ago? Any positive?

  1. No trackbacks yet.